Privacy BBA361 Business Ethics and Corporate Governance Lecture 4 Department of Business Administration Chapter 6, “Ethics and the Conduct of Business”,John R. Boatright

Employee Privacy  Company collects employees information and data for hiring, placement, evaluation performance, and compensation purposes.  Basic personal data, i.e. race, sex, age and handicap status  Workplace monitoring:  Computer record about number of phone calls, duration, destination, keystrokes by a data processor to test duration of being away from the desk…..Employers claim to improve employees well- being, avoid employee theft, drugs…etc.  Psychological Testing  Used to predict successful job performance and identify potential dishonest and troublesome employees.

Consumer Privacy  The use of information gathered in the database marketing.  Record of consumers preference, direct mailing to them  One arguable consumer privacy issue is whether it is ethical to reveal information of customers to the direct marketer

Definitions of Privacy  1 st Protect privacy of private life from unwanted publicity: “the right to be let alone—the most comprehensive of rights and the right most valued by civilized men”  2 nd Control over information about ourselves: “Privacy is the claim of individuals…to determine for themselves when, how, and to what extent information about them is communicated to others.”  3 rd Certain facts about a person are not known by others: “the condition of not having undocumented personal knowledge about one possessed by others”

Few issues to be concerned  The kind of information to be collected  The use to which the information is put  The persons in a company who have access to the information  The disclosure of information to persons outside the company  The means used to gain the information  The steps taken to ensure the accuracy and completeness of the information  The access that employees have to information about themselves

Justifying Purpose:  The first three issues can be justified by the PURPOSE of collecting the data.  E.g Maintaining medical records on employees for administer benefit plans, then: 1.medical information that is essential for this purpose can be collected 2.Only persons who are responsible for administering the benefit plan or monitoring employee health are justified to access to the information 3.These persons must use the information only for the intended purpose

Justifying Purpose:  E.g Maintaining medical records on employees for administer benefit plans, then: 1.medical information that is essential for this purpose can be collected 2.Only persons who are responsible for administering the benefit plan are justified to access to the information 3.These persons must use the information only for the intended purpose Therefore: Privacy will be violated if:  Personal information is gathered without a sufficient justifying purpose  Persons who are not in a position know the information  Persons who are in such position use the information for other purposes.

Disclosure to Outsiders Disclosure of personal information to persons outside a company. E.G employer disclose content of personal files to landlords, lending agencies without consent of the employees involved. Sometimes even if it is for the legitimate purpose, employers may not have the right to provide employees information, because the employer is justified in collecting and using information for connecting employer-employee relationship, not for other purpose.

The Means used to Gather Information Use of some means may violate and employee’s right of privacy, such as polygraph testing since these means tend to collect more information than needed. Hidden cameras/ploygraph testing is intrusive because employees are deprived of chances to exercise control over how they appear to others, which is essential for being an autonomous individual.

The Means used to Gather Information Less intrusive means of gathering information are preferred e.g. seeking information about drug use by employees in the workplace are not justified by searching lockers and desks, hidden cameras in restroom, random drug tests, etc, when sufficient information can be gathered by closer observation of work performance, etc.

Accuracy, Completeness and Access The last two issues concerns with fairness matters. Employers maintain inaccurate or incomplete files and deny employees access to them are not invading privacy of employees but violate a right of fair treatment.  Not a possession of personal information matter by its use in ways which are unfair to employees. Polygraph machines are unreliable as only body responses but not mental experience being tested.

Information Collection Consumers may feel a lack of privacy when browsing Internet nowadays Some argue that there is no privacy in Internet, because it is a public arena and being online is like walking and talking in town square. Privacy is defined as control over personal information. Is information on Internet owned by us?

Protecting Privacy on Internet Five principles on Internet privacy suggested by Federal Trade Commission: 1.Notice/Awareness: 1.Notice/Awareness: Disclose the identity of the collecting party, means for collection, use of such information. Should be displayed and easily understood in homepage. 2.Choice/Consent: 2.Choice/Consent: Provide a choice whether to allow information to be collected. 3.Access/Participation: 3.Access/Participation: Allow consumers access to information collected and opportunity to contest the accuracy or completeness of the data.

Protecting Privacy on Internet Five principles on Internet privacy suggested by Federal Trade Commission: 4.Integrity/Security: 4.Integrity/Security: Inform users of the steps taken to protect against the alteration, misappropriation, or destruction of data and action that will be taken for a breach of security. 5.Enforcement/Redress: 5.Enforcement/Redress: Assure consumers that the company follows responsible information practices and consequence for failing to do so. Others: Inform employees whether cookies are used by some websites to track or modify their interaction with the website based on information sent by their internet browser to the server on which the website is located.

Is Private? 1. messages are accessible only with a password know to the users. Computer may belong to company but not the contents. 2.Employers may claim a right to monitor employees’ messages to ensure that system is not being misused. 3.Some privacy experts contend that employers have a right to read employees’ if they announce the policy in advance, while others believe that reading s in company is always wrong, even if employees are put on notice.

Conclusion Ethically Managing employees information: 1.Specify the purpose of collection of data, how to collect and who will administer/access the personal data. These persons must use the information only for the intended purpose 2.Storage of information: (I) Employees personal data should be stored with high security. Such as only be accessed by authorized persons, and if it is stored in computer, personal information should be password- protected. Persons assigned to administer personal data need to strictly adhere to the regulation of relevant privacy protection.

Conclusion Ethically Managing employees information: 3.Give employees right to access their personal information: Employees should be given the right to access to and correct personal data at any time.

Conclusion Ethically Managing employees information: 4.Disclosure of information: (i)inform employees in advance about the disclosure and reason for using such personal data; (ii) inform employees how their personal data be stored, how the company can review, change and delete the personal data collected/stored; (iii) give employees option to choose whether to disclose their data (iv)not disclose employee information to any third party, except to those company related parties; only for purposes stated when collecting personal data; and not to disclose the information to others without consent of employees.